google redirect rootkit help!


  • This topic is locked
12 replies to this topic

#1 mr roman


Posted 18 November 2011 - 01:25 PM

Basically, I'm having the exact same problem as here: http://www.bleepingcomputer.com/forums/topic428082.html

I ran into this site while googling iexplorer.exe and the IP that was being blocked. Foolishly I ran FixTDSS after reading some of the posts elsewhere (I was aware of BSODs from using this tool but I used it anyway). So now I'm in the same pickle jar as everyone else. Goes straight to BSOD after it loads CLASSPNP driver.

I previously ran MBAM, SAS, HitManPro, and got rid of some malware, but the redirects still happened. I tried TDSSKiller to no avail; it didn't even load.


I'm using Win7. I saw that on the other posts one of the users asked for a scan using FRST. So here is my scan:

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.2.9
Ran by SYSTEM at 2011-11-18 12:05:39
Running from F:\
Windows 7 Ultimate (X86) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [MSIAfterburner] "C:\Program Files\MSI Afterburner\MSIAfterburnerWrapper.exe" /s [44344 2010-06-06] ()
HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h [2497352 2011-10-20] (COMODO)
HKLM\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [449608 2011-08-31] (Malwarebytes Corporation)
HKU\Kenny\...\Run: [AdobeBridge] [x]
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
AppInit_DLLs: C:\Windows\system32\guard32.dll

================================ Services (Whitelisted) ==================

2 AMD External Events Utility; C:\Windows\System32\atiesrxx.exe [176128 2011-09-08] (AMD)
2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe /launchService [291840 2011-09-08] (Advanced Micro Devices, Inc.)
2 AppHostSvc; C:\Windows\system32\inetsrv\apphostsvc.dll [61440 2009-07-13] (Microsoft Corporation)
2 cmdAgent; "C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" [1883328 2011-10-07] (COMODO)
3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [98600 2007-04-18] (Creative Technology Ltd)
3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [164608 2007-04-12] (Creative Technology Ltd.)
3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [546048 2007-04-12] (Creative Technology Ltd)
3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [168192 2007-04-12] (Creative Technology Ltd)
3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [280320 2007-04-12] (Creative Technology Ltd)
3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [128768 2007-04-12] (Creative Technology Ltd)
3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [323328 2007-04-12] (Creative Technology Ltd)
3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [94976 2007-04-12] (Creative Technology Ltd)
3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1317632 2007-04-12] (Creative Technology Ltd.)
3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [66816 2007-04-12] (Creative Technology Ltd.)
3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [560384 2007-04-12] (Creative Technology Ltd)
3 Desura Install Service; C:\Program Files\Desura\desura_service.exe [815424 2011-01-07] (Desura Pty Ltd)
2 ES lite Service; "C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE" [68136 2009-08-24] ()
3 FLEXnet Licensing Service; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [655624 2011-05-07] (Acresso Software Inc.)
2 FreeAgentGoNext Service; "C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe" [189736 2009-09-25] (Seagate Technology LLC)
2 lxcg_device; C:\Windows\system32\lxcgcoms.exe -service [537520 2007-04-29] ( )
2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [366152 2011-08-31] (Malwarebytes Corporation)
2 mi-raysat_3dsmax2010_32; "C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe" [86016 2009-03-12] ()
3 Microsoft SharePoint Workspace Audit Service; "C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" /auditservice [30963576 2010-01-21] (Microsoft Corporation)
4 NetMsmqActivator; "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" -NetMsmqActivator [128848 2009-06-10] (Microsoft Corporation)
2 NetPipeActivator; "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" [128848 2009-06-10] (Microsoft Corporation)
2 NetTcpActivator; "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" [128848 2009-06-10] (Microsoft Corporation)
2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [3576320 2009-07-17] (Native Instruments GmbH)
2 NovacomD; C:\Program Files\HP webOS\SDK\bin\novacomd\x86\novacomd.exe [61440 2011-06-24] (Palm)
2 OrbMediaService; "C:\Program Files\Orb Networks\Orb\bin\OrbMediaService.exe" [36352 2010-06-29] (Orb Networks)
2 Palm_TCP_Relay; "C:\Program Files\HP webOS\PDK\tcprelay.exe" [11776 2011-07-19] ()
2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2011-10-04] ()
3 Sony SCSI Helper Service; "C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe" [73728 2010-04-02] (Sony Corporation)
3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [517096 2010-02-19] (Adobe Systems Incorporated)
2 VMAuthdService; "C:\Program Files\VMware\VMware Workstation\vmware-authd.exe" [113264 2010-11-11] (VMware, Inc.)
2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [334448 2010-11-11] (VMware, Inc.)
2 VMware NAT Service; C:\Windows\system32\vmnat.exe [404080 2010-11-11] (VMware, Inc.)
3 WAS; C:\Windows\system32\inetsrv\iisw3adm.dll [396288 2009-07-13] (Microsoft Corporation)
4 ACW; C:\Users\Kenny\AppData\Local\Temp\ACW.exe [x]
3 ufad-ws60; "C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe" -d "C:\Program Files\VMware\VMware Workstation\\" -s ufad-p2v.xml [x]

========================== Drivers (Whitelisted) =============

3 adatadrv; C:\Windows\System32\DRIVERS\adatadrv.sys [762112 2009-10-17] (none)
3 amdiox86; C:\Windows\System32\DRIVERS\amdiox86.sys [37944 2010-02-18] (Advanced Micro Devices)
3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [8606208 2011-09-08] (ATI Technologies Inc.)
3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [248832 2011-09-08] (Advanced Micro Devices, Inc.)
3 AODDriver; \??\C:\Program Files\Gigabyte\ET6\i386\AODDriver.sys [7168 2009-02-22] ()
2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [39424 2011-06-24] (Advanced Micro Devices)
1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [488208 2011-10-07] (COMODO)
1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [39640 2011-10-07] (COMODO)
2 cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x32.sys [21992 2010-11-09] (CPUID)
3 ctdvda2k; C:\Windows\System32\drivers\ctdvda2k.sys [347128 2007-04-10] (Creative Technology Ltd)
1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [26024 2010-01-01] (Elaborate Bytes AG)
3 etdrv; \??\C:\Windows\etdrv.sys [17488 2011-10-23] (Windows 2000 DDK provider)
3 FVNETusb; C:\Windows\System32\DRIVERS\vnet58lx.sys [122112 2004-03-26] (Cisco-Linksys LLC.)
3 gdrv; \??\C:\Windows\gdrv.sys [17488 2011-11-17] (Windows 2000 DDK provider)
0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
3 GVTDrv; \??\C:\Windows\system32\Drivers\GVTDrv.sys [24944 2011-10-23] ()
3 ha10kx2k; C:\Windows\System32\drivers\ha10kx2k.sys [797992 2007-04-10] (Creative Technology Ltd)
3 hap16v2k; C:\Windows\System32\drivers\hap16v2k.sys [163112 2007-04-10] (Creative Technology Ltd)
3 hap17v2k; C:\Windows\System32\drivers\hap17v2k.sys [189736 2007-04-10] (Creative Technology Ltd)
2 hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [32368 2010-11-11] (VMware, Inc.)
3 hitmanpro35; \??\C:\Windows\system32\drivers\hitmanpro35.sys [17480 2011-11-17] ()
1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [82400 2011-10-07] (COMODO)
3 LVUSBSta; C:\Windows\System32\drivers\lvusbsta.sys [22016 2005-05-27] (Logitech Inc.)
3 ManyCam; C:\Windows\System32\DRIVERS\ManyCam.sys [21632 2008-01-14] (ManyCam LLC.)
3 netr28; C:\Windows\System32\DRIVERS\netr28.sys [530944 2009-07-13] (Ralink Technology, Corp.)
3 pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [47360 2010-08-23] (VSO Software)
3 Point32; C:\Windows\System32\DRIVERS\point32.sys [40848 2010-07-21] (Microsoft Corporation)
3 QCMerced; C:\Windows\System32\DRIVERS\LVCM.sys [1317152 2005-05-27] ()
3 RTCore32; \??\C:\Program Files\MSI Afterburner\RTCore32.sys [12088 2010-06-06] ()
3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [155648 2009-07-17] (Realtek Semiconductor Corp.)
3 Salmosa03; C:\Windows\System32\Drivers\Salmosa.sys [9344 2008-03-20] (Razer (Asia-Pacific) Pte Ltd)
2 Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [92712 2008-07-11] (SafeNet, Inc.)
3 SNTNLUSB; C:\Windows\System32\DRIVERS\SNTNLUSB.SYS [37088 2008-07-11] (SafeNet, Inc.)
0 speedfan; C:\Windows\System32\speedfan.sys [5248 2006-09-24] (Windows 2000 DDK provider)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [431672 2011-03-03] (Duplex Secure Ltd.)
1 VBoxDrv; C:\Windows\System32\DRIVERS\VBoxDrv.sys [142992 2010-06-25] (Oracle Corporation)
3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [100496 2010-06-25] (Oracle Corporation)
3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [111312 2010-06-25] (Oracle Corporation)
1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [41936 2010-06-25] (Oracle Corporation)
2 vmci; \??\C:\Windows\system32\Drivers\vmci.sys [70768 2010-11-11] (VMware, Inc.)
3 vmkbd; \??\C:\Windows\system32\drivers\VMkbd.sys [24688 2010-11-11] (VMware, Inc.)
3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16560 2010-11-11] (VMware, Inc.)
2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [36400 2010-11-11] (VMware, Inc.)
2 VMnetuserif; \??\C:\Windows\system32\drivers\vmnetuserif.sys [26352 2010-11-11] (VMware, Inc.)
2 VMparport; \??\C:\Windows\system32\Drivers\VMparport.sys [23792 2010-11-11] (VMware, Inc.)
2 vmx86; \??\C:\Windows\system32\Drivers\vmx86.sys [854128 2010-11-11] (VMware, Inc.)
2 vstor2-ws60; \??\C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys [22448 2010-08-19] (VMware, Inc.)
3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)
3 AmdLLD; C:\Windows\System32\DRIVERS\AmdLLD.sys [x]
3 COMMONFX; C:\Windows\System32\drivers\COMMONFX.SYS [x]
3 COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [x]
3 CTAUDFX; C:\Windows\System32\drivers\CTAUDFX.SYS [x]
3 CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [x]
3 CTERFXFX; C:\Windows\System32\drivers\CTERFXFX.SYS [x]
3 CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [x]
3 CTSBLFX; C:\Windows\System32\drivers\CTSBLFX.SYS [x]
3 CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [x]
3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [x]
2 iPodDrv; \??\C:\Windows\system32\drivers\iPodDrv.sys [x]
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [x]
3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x86\Sandra.sys [x]
1 SASDIFSV; \??\C:\Users\Kenny\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS [x]
1 SASKUTIL; \??\C:\Users\Kenny\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.SYS [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-17 22:42 - 2011-11-17 22:35 - 0858012 ____A C:\FRST.exe
2011-11-17 18:43 - 2011-11-17 18:43 - 0205072 ____A (Trend Micro Inc.) C:\Windows\System32\Drivers\tmcomm.sys
2011-11-17 18:25 - 2011-11-17 18:44 - 0334220 ____A C:\Windows\ntbtlog.txt
2011-11-17 17:29 - 2011-11-17 17:29 - 0000000 ____D C:\Users\Kenny\Desktop\AutocompleteList
2011-11-17 17:04 - 2011-11-17 17:04 - 0001505 ____A C:\Users\Kenny\Desktop\scribbles.txt
2011-11-17 16:45 - 2011-11-17 16:45 - 9704960 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2011-11-17 16:45 - 2011-11-17 16:45 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-17 16:45 - 2011-11-17 16:45 - 1798144 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 1791488 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 1427456 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2011-11-17 16:45 - 2011-11-17 16:45 - 12275200 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 1126912 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 1102848 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-17 16:45 - 2011-11-17 16:45 - 0353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2011-11-17 16:45 - 2011-11-17 16:45 - 0150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2011-11-17 16:45 - 2011-11-17 16:45 - 0142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2011-11-17 16:45 - 2011-11-17 16:45 - 0130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2011-11-17 16:45 - 2011-11-17 16:45 - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2011-11-17 16:45 - 2011-11-17 16:45 - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2011-11-17 16:45 - 2011-11-17 16:45 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2011-11-17 16:45 - 2011-11-17 16:45 - 0072704 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2011-11-17 16:45 - 2011-11-17 16:45 - 0054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2011-11-17 16:45 - 2011-11-17 16:45 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-17 16:43 - 2011-11-17 16:46 - 0004143 ____A C:\Windows\IE9_main.log
2011-11-17 16:29 - 2011-11-17 18:15 - 0001001 ____A C:\Users\Kenny\Start Menu\Programs\Startup\Dropbox.lnk
2011-11-17 16:29 - 2011-11-17 18:15 - 0001001 ____A C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2011-11-17 11:48 - 2011-11-17 11:42 - 0001142 ____A C:\Users\Kenny\Documents\indexfile.txt
2011-11-17 11:42 - 2011-11-17 11:42 - 36020570 ____A C:\Users\Kenny\Documents\Firefox 3.6.24 (en-US) - 2011-11-17.pcv
2011-11-17 11:40 - 2011-11-17 11:40 - 0000000 ____D C:\Program Files\MozBackup-1.5.1-EN
2011-11-15 16:32 - 2011-11-17 18:47 - 0000538 ____A C:\Windows\setupact.log
2011-11-15 16:32 - 2011-11-15 16:32 - 0000000 ____A C:\Windows\setuperr.log
2011-11-15 13:37 - 2011-11-15 13:37 - 5781957 ____A C:\Users\Kenny\Downloads\c01758220.pdf
2011-11-14 23:38 - 2011-11-14 23:38 - 0000000 ____D C:\Users\Kenny\AppData\Local\Skyrim
2011-11-14 19:10 - 2011-11-14 19:10 - 0000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2011-11-14 18:53 - 2011-11-14 18:55 - 0000000 ____D C:\Users\All Users\Comodo
2011-11-14 18:53 - 2011-11-14 18:55 - 0000000 ____D C:\ProgramData\Comodo
2011-11-14 18:52 - 2011-11-14 18:52 - 0000000 ____D C:\Program Files\COMODO
2011-11-14 18:51 - 2011-11-14 18:53 - 0000000 ____D C:\Users\All Users\Comodo Downloader
2011-11-14 18:51 - 2011-11-14 18:53 - 0000000 ____D C:\ProgramData\Comodo Downloader
2011-11-14 00:21 - 2011-11-14 01:24 - 424673280 ____A C:\Users\Kenny\Downloads\GR-Fashion-Pack.part1.rar
2011-11-13 13:55 - 2011-11-13 13:55 - 35967395 ____A C:\Users\Kenny\Downloads\IMG_3621.psd
2011-11-11 11:33 - 2011-11-11 11:36 - 221146570 ____A C:\Users\Kenny\Downloads\SVP.11.0.425-x64-64bit.rar
2011-11-11 11:29 - 2011-11-11 11:38 - 214700884 ____A C:\Users\Kenny\Downloads\SVP.11.0.424-x86-32bit.rar
2011-11-11 09:54 - 2011-11-11 10:56 - 424673280 ____A C:\Users\Kenny\Downloads\GR-Fashion-Pack.part2.rar
2011-11-10 22:56 - 2011-11-10 22:56 - 0000000 ____D C:\Users\Kenny\Downloads\Sony.Vegas.Pro.10.x86-x64.Cracked
2011-11-10 17:28 - 2011-11-13 15:37 - 0000041 ____A C:\Users\Kenny\Desktop\to-do today.txt
2011-11-09 11:19 - 2011-11-09 11:19 - 0000000 ___HD C:\Users\Kenny\Start Menu\Programs\Startup\AutorunsDisabled
2011-11-09 11:19 - 2011-11-09 11:19 - 0000000 ___HD C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
2011-11-09 09:33 - 2011-11-09 09:33 - 0000000 ____D C:\Users\Kenny\Downloads\StockT-shirtDesigns_Free-Sample_05
2011-11-09 09:33 - 2009-10-28 10:05 - 3237295 ____A C:\Users\Kenny\Downloads\template.psd
2011-11-09 09:33 - 2009-10-28 10:05 - 0114941 ___AH C:\Users\Kenny\Downloads\preview.jpg
2011-11-09 01:26 - 2011-11-09 01:26 - 0000000 __SHD C:\Windows\System32\%APPDATA%
2011-11-08 13:10 - 2011-11-08 13:10 - 0000159 ____A C:\Users\Kenny\Desktop\screenprinting supplies.txt
2011-11-08 12:29 - 2011-10-13 12:34 - 0000000 ____D C:\Users\Kenny\Downloads\7.magazine.MU.Bun
2011-11-08 10:42 - 2011-11-08 10:42 - 0001080 ____A C:\Windows\System32\settingsbkup.sfm
2011-11-08 10:42 - 2011-11-08 10:42 - 0001080 ____A C:\Windows\System32\settings.sfm
2011-11-07 10:27 - 2011-11-07 10:33 - 0000000 ____D C:\Users\Kenny\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2011-11-07 09:44 - 2011-11-15 21:18 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\Winamp
2011-11-06 12:46 - 2011-11-06 12:46 - 0000074 ____A C:\lxcg.log
2011-11-06 11:05 - 2011-11-06 11:07 - 0000000 ____D C:\Program Files\Lx_cats
2011-11-06 11:04 - 2011-11-06 11:08 - 0014645 ____A C:\Windows\System32\LexFiles.ulf
2011-11-06 11:04 - 2011-11-06 11:08 - 0000000 ____D C:\Program Files\Lexmark 2300 Series
2011-11-06 11:04 - 2007-04-29 19:54 - 0537520 ____A ( ) C:\Windows\System32\lxcgcoms.exe
2011-11-06 11:04 - 2007-04-29 19:54 - 0385968 ____A ( ) C:\Windows\System32\lxcgih.exe
2011-11-06 11:04 - 2007-04-29 19:54 - 0381872 ____A ( ) C:\Windows\System32\lxcgcfg.exe
2011-11-06 11:04 - 2007-04-29 19:02 - 0001729 ____A C:\Windows\System32\lxcg.loc
2011-11-06 11:04 - 2007-04-17 22:43 - 0106496 ____A (Lexmark International, Inc.) C:\Windows\System32\lxcginsr.dll
2011-11-06 11:04 - 2007-04-17 22:42 - 0131072 ____A (Lexmark International, Inc.) C:\Windows\System32\lxcgjswr.dll
2011-11-06 11:04 - 2007-04-17 22:42 - 0036864 ____A (Lexmark International, Inc.) C:\Windows\System32\lxcgcur.dll
2011-11-06 11:04 - 2007-04-17 22:40 - 0200704 ____A (Lexmark International, Inc.) C:\Windows\System32\lxcginsb.dll
2011-11-06 11:04 - 2007-04-17 22:40 - 0155648 ____A (Lexmark International, Inc.) C:\Windows\System32\lxcgins.dll
2011-11-06 11:04 - 2007-04-17 22:40 - 0086016 ____A (Lexmark International, Inc.) C:\Windows\System32\lxcgcub.dll
2011-11-06 11:04 - 2007-04-17 22:40 - 0073728 ____A (Lexmark International, Inc.) C:\Windows\System32\lxcgcu.dll
2011-11-06 11:04 - 2007-04-17 22:39 - 0446464 ____A (Lexmark International, Inc.) C:\Windows\System32\lxcgutil.dll
2011-11-06 11:04 - 2007-04-04 08:40 - 0643072 ____A ( ) C:\Windows\System32\lxcgpmui.dll
2011-11-06 11:04 - 2007-04-04 08:39 - 1224704 ____A ( ) C:\Windows\System32\lxcgserv.dll
2011-11-06 11:04 - 2007-04-04 08:34 - 0421888 ____A ( ) C:\Windows\System32\lxcgcomm.dll
2011-11-06 11:04 - 2007-04-04 08:32 - 0585728 ____A ( ) C:\Windows\System32\lxcglmpm.dll
2011-11-06 11:04 - 2007-04-04 08:31 - 0397312 ____A ( ) C:\Windows\System32\lxcgiesc.dll
2011-11-06 11:04 - 2007-04-04 08:31 - 0274432 ____A C:\Windows\System32\lxcginst.dll
2011-11-06 11:04 - 2007-04-04 08:29 - 0094208 ____A ( ) C:\Windows\System32\lxcgpplc.dll
2011-11-06 11:04 - 2007-04-04 08:28 - 0684032 ____A ( ) C:\Windows\System32\lxcgcomc.dll
2011-11-06 11:04 - 2007-04-04 08:28 - 0163840 ____A ( ) C:\Windows\System32\lxcgprox.dll
2011-11-06 11:04 - 2007-04-04 08:22 - 0413696 ____A ( ) C:\Windows\System32\lxcginpa.dll
2011-11-06 11:04 - 2007-04-04 08:21 - 0995328 ____A ( ) C:\Windows\System32\lxcgusb1.dll
2011-11-06 11:04 - 2007-04-04 08:19 - 0323584 ____A ( ) C:\Windows\System32\lxcghcp.dll
2011-11-06 11:04 - 2007-04-04 08:18 - 0696320 ____A ( ) C:\Windows\System32\lxcghbn3.dll
2011-11-06 11:04 - 2007-01-22 00:20 - 0069632 ____A (Lexmark International) C:\Windows\System32\lxcgcfg.dll
2011-11-06 11:04 - 2005-12-12 03:04 - 0983121 ____A (Microsoft Corporation) C:\Windows\System32\lxcggf.dll
2011-11-05 10:01 - 2011-11-05 10:01 - 0000000 ____D C:\Users\Kenny\Downloads\grunge-brush
2011-10-28 21:51 - 2011-10-28 21:51 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\R-TT
2011-10-28 21:50 - 2011-10-28 21:51 - 0000000 ____D C:\Users\Kenny\Documents\R-TT
2011-10-28 21:50 - 2011-10-28 21:50 - 0000000 ____D C:\Program Files\R-Studio
2011-10-27 12:07 - 2011-10-27 12:31 - 0001211 ____A C:\Windows\System32\Drivers\etc\hosts
2011-10-24 22:06 - 2011-10-24 22:06 - 0001928 ____A C:\shared.log
2011-10-24 21:17 - 2011-10-24 21:17 - 0005352 ____A C:\STFDCFC.tmp
2011-10-24 12:12 - 2011-11-17 18:48 - 0000227 ____A C:\service.log
2011-10-23 23:04 - 2011-10-23 23:04 - 0000000 ____D C:\Program Files\MSXML 4.0
2011-10-23 21:06 - 2011-01-25 22:11 - 0728448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2011-10-23 21:06 - 2011-01-25 22:11 - 0219008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2011-10-23 21:06 - 2011-01-25 21:50 - 0107520 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2011-10-23 21:06 - 2010-11-01 20:41 - 0442880 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-10-23 21:06 - 2010-11-01 20:41 - 0283648 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-10-23 21:06 - 2010-11-01 20:41 - 0135168 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2011-10-23 21:06 - 2010-11-01 20:36 - 0801792 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2011-10-23 21:06 - 2010-11-01 20:35 - 1170944 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2011-10-23 21:06 - 2010-11-01 20:35 - 1074176 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2011-10-23 21:06 - 2010-11-01 20:35 - 0739840 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2011-10-23 21:06 - 2010-11-01 20:35 - 0218624 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2011-10-23 21:06 - 2010-11-01 20:35 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2011-10-23 21:06 - 2010-06-25 21:14 - 1495040 ____A (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2011-10-23 21:05 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-10-23 13:06 - 2011-10-23 13:06 - 0000000 ____D C:\Users\Kenny\AppData\Local\{B9EE7A52-5997-44E6-A198-4CA0266AEC22}
2011-10-23 13:05 - 2011-10-23 13:06 - 0000000 ____D C:\Users\Kenny\AppData\Local\{7A4C2549-9680-40BB-AE66-24B21246F47A}
2011-10-23 12:58 - 2011-11-08 12:11 - 0030528 ____A C:\Windows\System32\BMXCtrlState-{00000003-00000000-00000007-00001102-00000004-20021102}.rfx
2011-10-23 12:58 - 2011-11-08 12:11 - 0030528 ____A C:\Windows\System32\BMXBkpCtrlState-{00000003-00000000-00000007-00001102-00000004-20021102}.rfx
2011-10-23 10:01 - 2011-10-23 10:01 - 0000000 ____D C:\Program Files\Active Data Recovery Software
2011-10-22 21:09 - 2011-10-23 13:01 - 4958588 ____A C:\Windows\{00000003-00000000-00000007-00001102-00000004-20021102}.CDF
2011-10-22 21:09 - 2006-11-14 03:28 - 0086016 ____A (Creative Technology Ltd) C:\Windows\System32\cttele.dll
2011-10-22 20:50 - 2011-10-22 20:51 - 0000000 ____D C:\Windows\System32\data
2011-10-22 20:45 - 2011-11-08 12:11 - 0031056 ____A C:\Windows\System32\BMXStateBkp-{00000003-00000000-00000007-00001102-00000004-20021102}.rfx
2011-10-22 20:45 - 2011-11-08 12:11 - 0031056 ____A C:\Windows\System32\BMXState-{00000003-00000000-00000007-00001102-00000004-20021102}.rfx
2011-10-22 01:02 - 2011-11-09 11:03 - 0001190 ____A C:\Windows\System32\.crusader
2011-10-22 00:29 - 2011-11-17 18:47 - 0017480 ____A C:\Windows\System32\Drivers\hitmanpro35.sys
2011-10-22 00:27 - 2011-10-22 00:27 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\SUPERAntiSpyware.com
2011-10-22 00:27 - 2011-10-22 00:27 - 0000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2011-10-22 00:27 - 2011-10-22 00:27 - 0000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2011-10-22 00:25 - 2011-10-22 01:02 - 0000000 ____D C:\Users\All Users\Hitman Pro
2011-10-22 00:25 - 2011-10-22 01:02 - 0000000 ____D C:\ProgramData\Hitman Pro
2011-10-21 02:02 - 2011-10-21 22:52 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\Asymup
2011-10-21 02:02 - 2011-10-21 02:02 - 0000174 ___SH C:\Users\Default\Start Menu\Programs\Startup\desktop.ini
2011-10-21 02:02 - 2011-10-21 02:02 - 0000174 ___SH C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2011-10-21 02:02 - 2011-10-21 02:02 - 0000174 ___SH C:\Users\Default User\Start Menu\Programs\Startup\desktop.ini
2011-10-21 02:02 - 2011-10-21 02:02 - 0000174 ___SH C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2011-10-21 01:23 - 2011-10-22 01:02 - 0000000 ____D C:\Users\All Users\jF01677AgBlK01677
2011-10-21 01:23 - 2011-10-22 01:02 - 0000000 ____D C:\ProgramData\jF01677AgBlK01677


============ 3 Months Modified Files and Folders ===============

2011-11-18 12:05 - 2011-11-18 12:00 - 0000000 ____D C:\FRST
2011-11-17 23:39 - 2009-07-13 18:36 - 0000000 __SHD C:\$Recycle.Bin
2011-11-17 22:35 - 2011-11-17 22:42 - 0858012 ____A C:\FRST.exe
2011-11-17 18:48 - 2011-10-24 12:12 - 0000227 ____A C:\service.log
2011-11-17 18:48 - 2010-07-09 13:12 - 0000000 __RHD C:\Users\Kenny\Documents\My Dropbox
2011-11-17 18:48 - 2010-07-09 13:12 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\Dropbox
2011-11-17 18:47 - 2011-11-15 16:32 - 0000538 ____A C:\Windows\setupact.log
2011-11-17 18:47 - 2011-10-22 00:29 - 0017480 ____A C:\Windows\System32\Drivers\hitmanpro35.sys
2011-11-17 18:47 - 2011-03-19 16:03 - 0000000 ____D C:\Users\All Users\VMware
2011-11-17 18:47 - 2011-03-19 16:03 - 0000000 ____D C:\ProgramData\VMware
2011-11-17 18:47 - 2010-07-09 08:36 - 0017488 ____A (Windows 2000 DDK provider) C:\Windows\gdrv.sys
2011-11-17 18:47 - 2009-07-13 20:53 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-11-17 18:46 - 2010-07-09 11:10 - 1609424896 __ASH C:\hiberfil.sys
2011-11-17 18:44 - 2011-11-17 18:25 - 0334220 ____A C:\Windows\ntbtlog.txt
2011-11-17 18:43 - 2011-11-17 18:43 - 0205072 ____A (Trend Micro Inc.) C:\Windows\System32\Drivers\tmcomm.sys
2011-11-17 18:43 - 2010-07-09 11:22 - 0773172 ____A C:\Windows\System32\PerfStringBackup.INI
2011-11-17 18:37 - 2010-07-09 11:12 - 1202051 ____A C:\Windows\WindowsUpdate.log
2011-11-17 18:15 - 2011-11-17 16:29 - 0001001 ____A C:\Users\Kenny\Start Menu\Programs\Startup\Dropbox.lnk
2011-11-17 18:15 - 2011-11-17 16:29 - 0001001 ____A C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2011-11-17 17:30 - 2010-07-30 15:08 - 0000000 ____D C:\Users\Kenny\AppData\Local\Last.fm
2011-11-17 17:29 - 2011-11-17 17:29 - 0000000 ____D C:\Users\Kenny\Desktop\AutocompleteList
2011-11-17 17:04 - 2011-11-17 17:04 - 0001505 ____A C:\Users\Kenny\Desktop\scribbles.txt
2011-11-17 17:01 - 2010-07-23 12:54 - 0000000 ____D C:\Users\Kenny\AppData\Local\Apple Computer
2011-11-17 16:46 - 2011-11-17 16:43 - 0004143 ____A C:\Windows\IE9_main.log
2011-11-17 16:45 - 2011-11-17 16:45 - 9704960 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2011-11-17 16:45 - 2011-11-17 16:45 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-17 16:45 - 2011-11-17 16:45 - 1798144 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 1791488 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 1427456 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2011-11-17 16:45 - 2011-11-17 16:45 - 12275200 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 1126912 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 1102848 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-17 16:45 - 2011-11-17 16:45 - 0353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2011-11-17 16:45 - 2011-11-17 16:45 - 0150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2011-11-17 16:45 - 2011-11-17 16:45 - 0142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2011-11-17 16:45 - 2011-11-17 16:45 - 0130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2011-11-17 16:45 - 2011-11-17 16:45 - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2011-11-17 16:45 - 2011-11-17 16:45 - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2011-11-17 16:45 - 2011-11-17 16:45 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2011-11-17 16:45 - 2011-11-17 16:45 - 0072704 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2011-11-17 16:45 - 2011-11-17 16:45 - 0054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-17 16:45 - 2011-11-17 16:45 - 0011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2011-11-17 16:45 - 2011-11-17 16:45 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-17 16:32 - 2010-07-09 11:22 - 0000000 ____D C:\Program Files\Mozilla Firefox
2011-11-17 16:29 - 2011-02-13 15:16 - 0000000 ____D C:\Users\All Users\Skype
2011-11-17 16:29 - 2011-02-13 15:16 - 0000000 ____D C:\ProgramData\Skype
2011-11-17 11:48 - 2010-07-09 11:22 - 0000000 ____D C:\Users\Kenny\AppData\Local\Mozilla
2011-11-17 11:42 - 2011-11-17 11:48 - 0001142 ____A C:\Users\Kenny\Documents\indexfile.txt
2011-11-17 11:42 - 2011-11-17 11:42 - 36020570 ____A C:\Users\Kenny\Documents\Firefox 3.6.24 (en-US) - 2011-11-17.pcv
2011-11-17 11:40 - 2011-11-17 11:40 - 0000000 ____D C:\Program Files\MozBackup-1.5.1-EN
2011-11-17 08:57 - 2010-09-05 06:25 - 0000000 ____D C:\Program Files\Google
2011-11-16 13:05 - 2010-07-09 13:08 - 0000000 ____D C:\Program Files\Steam
2011-11-16 12:52 - 2010-07-09 08:24 - 0000000 ____D C:\Program Files\Mozilla Thunderbird
2011-11-16 00:33 - 2010-07-10 12:18 - 0000000 ____D C:\Program Files\MSI Afterburner
2011-11-15 21:18 - 2011-11-07 09:44 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\Winamp
2011-11-15 16:32 - 2011-11-15 16:32 - 0000000 ____A C:\Windows\setuperr.log
2011-11-15 13:37 - 2011-11-15 13:37 - 5781957 ____A C:\Users\Kenny\Downloads\c01758220.pdf
2011-11-15 06:54 - 2010-07-10 11:39 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\DAEMON Tools Lite
2011-11-15 06:47 - 2010-07-12 23:13 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\uTorrent
2011-11-15 06:46 - 2010-10-18 02:26 - 0000000 ____D C:\Windows\Minidump
2011-11-14 23:38 - 2011-11-14 23:38 - 0000000 ____D C:\Users\Kenny\AppData\Local\Skyrim
2011-11-14 23:38 - 2010-07-20 23:32 - 0000000 ____D C:\Users\Kenny\Documents\My Games
2011-11-14 23:37 - 2010-10-10 23:54 - 0000023 ____A C:\Windows\BlendSettings.ini
2011-11-14 22:45 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\rescache
2011-11-14 19:40 - 2010-07-09 11:17 - 0000000 ____D C:\Users\Kenny\AppData\LocalLow
2011-11-14 19:10 - 2011-11-14 19:10 - 0000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2011-11-14 18:55 - 2011-11-14 18:53 - 0000000 ____D C:\Users\All Users\Comodo
2011-11-14 18:55 - 2011-11-14 18:53 - 0000000 ____D C:\ProgramData\Comodo
2011-11-14 18:55 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\DriverStore
2011-11-14 18:53 - 2011-11-14 18:51 - 0000000 ____D C:\Users\All Users\Comodo Downloader
2011-11-14 18:53 - 2011-11-14 18:51 - 0000000 ____D C:\ProgramData\Comodo Downloader
2011-11-14 18:52 - 2011-11-14 18:52 - 0000000 ____D C:\Program Files\COMODO
2011-11-14 16:16 - 2010-07-09 13:16 - 0000000 ____D C:\Users\All Users\CheckPoint
2011-11-14 16:16 - 2010-07-09 13:16 - 0000000 ____D C:\ProgramData\CheckPoint
2011-11-14 01:24 - 2011-11-14 00:21 - 424673280 ____A C:\Users\Kenny\Downloads\GR-Fashion-Pack.part1.rar
2011-11-13 20:07 - 2010-09-09 15:14 - 0280736 ____A C:\Windows\System32\PnkBstrB.xtr
2011-11-13 20:07 - 2010-09-09 15:13 - 0140496 ____A C:\Windows\System32\Drivers\PnkBstrK.sys
2011-11-13 20:07 - 2010-09-09 15:12 - 0280736 ____A C:\Windows\System32\PnkBstrB.exe
2011-11-13 20:05 - 2010-09-09 15:12 - 0270904 ____A C:\Windows\System32\PnkBstrB.ex0
2011-11-13 20:03 - 2010-10-18 01:47 - 0000000 ____D C:\Program Files\Modern Warfare 2 aIW Pre-final
2011-11-13 15:37 - 2011-11-10 17:28 - 0000041 ____A C:\Users\Kenny\Desktop\to-do today.txt
2011-11-13 13:55 - 2011-11-13 13:55 - 35967395 ____A C:\Users\Kenny\Downloads\IMG_3621.psd
2011-11-13 07:32 - 2009-07-13 20:34 - 0009776 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-11-13 07:32 - 2009-07-13 20:34 - 0009776 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-11-12 19:08 - 2011-03-30 22:13 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\DVD Flick
2011-11-12 16:32 - 2010-08-23 12:11 - 0000000 ____D C:\Program Files\DVD Flick
2011-11-11 11:38 - 2011-11-11 11:29 - 214700884 ____A C:\Users\Kenny\Downloads\SVP.11.0.424-x86-32bit.rar
2011-11-11 11:36 - 2011-11-11 11:33 - 221146570 ____A C:\Users\Kenny\Downloads\SVP.11.0.425-x64-64bit.rar
2011-11-11 10:56 - 2011-11-11 09:54 - 424673280 ____A C:\Users\Kenny\Downloads\GR-Fashion-Pack.part2.rar
2011-11-10 22:56 - 2011-11-10 22:56 - 0000000 ____D C:\Users\Kenny\Downloads\Sony.Vegas.Pro.10.x86-x64.Cracked
2011-11-09 11:19 - 2011-11-09 11:19 - 0000000 ___HD C:\Users\Kenny\Start Menu\Programs\Startup\AutorunsDisabled
2011-11-09 11:19 - 2011-11-09 11:19 - 0000000 ___HD C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
2011-11-09 11:11 - 2010-07-09 13:17 - 0000000 ____D C:\Windows\System32\ZoneLabs
2011-11-09 11:03 - 2011-10-22 01:02 - 0001190 ____A C:\Windows\System32\.crusader
2011-11-09 09:33 - 2011-11-09 09:33 - 0000000 ____D C:\Users\Kenny\Downloads\StockT-shirtDesigns_Free-Sample_05
2011-11-09 01:26 - 2011-11-09 01:26 - 0000000 __SHD C:\Windows\System32\%APPDATA%
2011-11-08 13:10 - 2011-11-08 13:10 - 0000159 ____A C:\Users\Kenny\Desktop\screenprinting supplies.txt
2011-11-08 12:11 - 2011-10-23 12:58 - 0030528 ____A C:\Windows\System32\BMXCtrlState-{00000003-00000000-00000007-00001102-00000004-20021102}.rfx
2011-11-08 12:11 - 2011-10-23 12:58 - 0030528 ____A C:\Windows\System32\BMXBkpCtrlState-{00000003-00000000-00000007-00001102-00000004-20021102}.rfx
2011-11-08 12:11 - 2011-10-22 20:45 - 0031056 ____A C:\Windows\System32\BMXStateBkp-{00000003-00000000-00000007-00001102-00000004-20021102}.rfx
2011-11-08 12:11 - 2011-10-22 20:45 - 0031056 ____A C:\Windows\System32\BMXState-{00000003-00000000-00000007-00001102-00000004-20021102}.rfx
2011-11-08 12:11 - 2011-05-15 16:21 - 0011564 ____A C:\Windows\System32\DVCState-{00000003-00000000-00000007-00001102-00000004-20021102}.rfx
2011-11-08 10:43 - 2010-11-19 01:21 - 0000884 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-11-08 10:43 - 2010-11-19 01:21 - 0000880 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-11-08 10:43 - 2010-07-11 08:12 - 0000908 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2398226805-2317841884-600848533-1001UA.job
2011-11-08 10:43 - 2010-07-11 08:12 - 0000856 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2398226805-2317841884-600848533-1001Core.job
2011-11-08 10:42 - 2011-11-08 10:42 - 0001080 ____A C:\Windows\System32\settingsbkup.sfm
2011-11-08 10:42 - 2011-11-08 10:42 - 0001080 ____A C:\Windows\System32\settings.sfm
2011-11-07 19:45 - 2010-10-29 01:20 - 0000000 ____D C:\Users\Kenny\AppData\Local\ElevatedDiagnostics
2011-11-07 10:33 - 2011-11-07 10:27 - 0000000 ____D C:\Users\Kenny\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2011-11-06 14:00 - 2011-02-19 14:04 - 0000087 ____A C:\Users\Kenny\Documents\Studio.txt
2011-11-06 12:46 - 2011-11-06 12:46 - 0000074 ____A C:\lxcg.log
2011-11-06 11:08 - 2011-11-06 11:04 - 0014645 ____A C:\Windows\System32\LexFiles.ulf
2011-11-06 11:08 - 2011-11-06 11:04 - 0000000 ____D C:\Program Files\Lexmark 2300 Series
2011-11-06 11:07 - 2011-11-06 11:05 - 0000000 ____D C:\Program Files\Lx_cats
2011-11-06 11:04 - 2009-07-13 20:52 - 0000000 ____D C:\Windows\twain_32
2011-11-05 10:01 - 2011-11-05 10:01 - 0000000 ____D C:\Users\Kenny\Downloads\grunge-brush
2011-11-05 09:47 - 2010-07-09 11:22 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\Mozilla
2011-11-02 10:53 - 2011-03-19 16:12 - 0000000 ____D C:\Users\Kenny\AppData\Local\VMware
2011-11-02 10:53 - 2011-03-19 16:09 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\VMware
2011-10-28 21:51 - 2011-10-28 21:51 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\R-TT
2011-10-28 21:51 - 2011-10-28 21:50 - 0000000 ____D C:\Users\Kenny\Documents\R-TT
2011-10-28 21:50 - 2011-10-28 21:50 - 0000000 ____D C:\Program Files\R-Studio
2011-10-28 12:41 - 2010-07-09 14:55 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\vlc
2011-10-28 10:44 - 2011-05-27 19:36 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2011-10-27 12:31 - 2011-10-27 12:07 - 0001211 ____A C:\Windows\System32\Drivers\etc\hosts
2011-10-26 08:26 - 2009-07-13 20:53 - 0032600 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-10-25 10:09 - 2011-03-01 19:54 - 0000000 ____D C:\Users\All Users\Electronic Arts
2011-10-25 10:09 - 2011-03-01 19:54 - 0000000 ____D C:\ProgramData\Electronic Arts
2011-10-25 00:46 - 2010-07-09 08:32 - 0000000 ____D C:\Program Files\AMD
2011-10-25 00:43 - 2011-10-04 00:14 - 0000000 ___HD C:\Program Files\Common Files\EAInstaller
2011-10-24 23:49 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Microsoft.NET
2011-10-24 22:06 - 2011-10-24 22:06 - 0001928 ____A C:\shared.log
2011-10-24 21:17 - 2011-10-24 21:17 - 0005352 ____A C:\STFDCFC.tmp
2011-10-24 12:43 - 2010-10-24 13:24 - 0000000 ____D C:\Users\Kenny\eBooks
2011-10-24 12:43 - 2010-08-09 12:54 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\Audacity
2011-10-24 12:41 - 2010-08-09 12:52 - 0000000 ____D C:\Program Files\Audacity 1.3 Beta (Unicode)
2011-10-24 11:53 - 2010-12-05 16:10 - 0000000 ____D C:\Program Files\Desura
2011-10-23 23:30 - 2010-07-09 13:11 - 0000000 ____D C:\Program Files\Microsoft Silverlight
2011-10-23 23:29 - 2010-09-05 16:31 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-10-23 23:29 - 2010-09-05 16:31 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-10-23 23:29 - 2010-07-20 23:30 - 0000000 ____D C:\Program Files\Microsoft Games for Windows - LIVE
2011-10-23 23:04 - 2011-10-23 23:04 - 0000000 ____D C:\Program Files\MSXML 4.0
2011-10-23 16:00 - 2010-07-09 12:24 - 0000000 ____D C:\Users\All Users\regid.1986-12.com.adobe
2011-10-23 16:00 - 2010-07-09 12:24 - 0000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2011-10-23 13:35 - 2010-07-09 15:17 - 0000000 ___HD C:\Fraps
2011-10-23 13:18 - 2011-08-07 15:45 - 0000000 ____D C:\Program Files\Common Files\doubleTwist
2011-10-23 13:17 - 2011-08-07 15:45 - 0000000 ____D C:\Program Files\ffdshow
2011-10-23 13:14 - 2011-03-30 19:28 - 0000000 ____D C:\Program Files\War Inc Battlezone
2011-10-23 13:09 - 2009-07-13 18:37 - 0000000 ____D C:\Program Files\Common Files\microsoft shared
2011-10-23 13:06 - 2011-10-23 13:06 - 0000000 ____D C:\Users\Kenny\AppData\Local\{B9EE7A52-5997-44E6-A198-4CA0266AEC22}
2011-10-23 13:06 - 2011-10-23 13:05 - 0000000 ____D C:\Users\Kenny\AppData\Local\{7A4C2549-9680-40BB-AE66-24B21246F47A}
2011-10-23 13:01 - 2011-10-22 21:09 - 4958588 ____A C:\Windows\{00000003-00000000-00000007-00001102-00000004-20021102}.CDF
2011-10-23 12:57 - 2010-07-09 08:25 - 0000000 ___HD C:\Program Files\InstallShield Installation Information
2011-10-23 12:56 - 2009-07-13 18:37 - 0000000 ___RD C:\users\Public
2011-10-23 11:35 - 2010-07-09 08:44 - 0017488 ____A (Windows 2000 DDK provider) C:\Windows\etdrv.sys
2011-10-23 11:13 - 2010-07-09 08:37 - 0024944 ____A C:\Windows\System32\Drivers\GVTDrv.sys
2011-10-23 11:13 - 2010-07-09 08:37 - 0000004 ____A C:\Windows\System32\GVTunner.ref
2011-10-23 10:09 - 2010-08-18 10:36 - 0000000 ____D C:\Program Files\Atmosphere Deluxe
2011-10-23 10:01 - 2011-10-23 10:01 - 0000000 ____D C:\Program Files\Active Data Recovery Software
2011-10-22 21:09 - 2011-03-10 14:38 - 0114688 ____A (Portions Creative Labs Inc. and NVIDIA Corp.) C:\Windows\System32\OpenAL32.dll
2011-10-22 20:51 - 2011-10-22 20:50 - 0000000 ____D C:\Windows\System32\data
2011-10-22 20:37 - 2010-07-09 12:18 - 0000000 ____D C:\Users\Kenny\AppData\Local\Adobe
2011-10-22 11:25 - 2010-07-28 13:35 - 0000000 ____D C:\Windows\pss
2011-10-22 11:23 - 2010-09-08 11:15 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\DNA
2011-10-22 01:08 - 2010-09-08 11:15 - 0000000 ____D C:\Program Files\DNA
2011-10-22 01:02 - 2011-10-22 00:25 - 0000000 ____D C:\Users\All Users\Hitman Pro
2011-10-22 01:02 - 2011-10-22 00:25 - 0000000 ____D C:\ProgramData\Hitman Pro
2011-10-22 01:02 - 2011-10-21 01:23 - 0000000 ____D C:\Users\All Users\jF01677AgBlK01677
2011-10-22 01:02 - 2011-10-21 01:23 - 0000000 ____D C:\ProgramData\jF01677AgBlK01677
2011-10-22 01:02 - 2010-12-12 14:02 - 0000000 ____D C:\Program Files\WinSnap_3.5.3-portable
2011-10-22 00:27 - 2011-10-22 00:27 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\SUPERAntiSpyware.com
2011-10-22 00:27 - 2011-10-22 00:27 - 0000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2011-10-22 00:27 - 2011-10-22 00:27 - 0000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2011-10-21 22:52 - 2011-10-21 02:02 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\Asymup
2011-10-21 02:12 - 2010-07-09 12:18 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\Macromedia
2011-10-21 02:02 - 2011-10-21 02:02 - 0000174 ___SH C:\Users\Default\Start Menu\Programs\Startup\desktop.ini
2011-10-21 02:02 - 2011-10-21 02:02 - 0000174 ___SH C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2011-10-21 02:02 - 2011-10-21 02:02 - 0000174 ___SH C:\Users\Default User\Start Menu\Programs\Startup\desktop.ini
2011-10-21 02:02 - 2011-10-21 02:02 - 0000174 ___SH C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2011-10-21 01:46 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Branding
2011-10-16 12:45 - 2010-08-16 14:19 - 0001456 ____A C:\Users\Kenny\AppData\Local\Adobe Save for Web 12.0 Prefs
2011-10-15 21:12 - 2011-10-15 21:12 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\Hobbyist Software
2011-10-15 21:12 - 2011-10-15 21:12 - 0000000 ____D C:\Users\Kenny\AppData\Local\Hobbyist_Software
2011-10-15 15:02 - 2011-02-26 22:51 - 0000000 ____D C:\Cakewalk Projects
2011-10-15 10:59 - 2010-07-17 12:31 - 0806968 ___AH C:\Windows\System32\mlfcache.dat
2011-10-15 08:54 - 2011-03-01 12:39 - 0000000 ____D C:\Users\Kenny\Documents\Resumes
2011-10-15 07:58 - 2010-07-24 12:39 - 0000000 ____D C:\Program Files\iTunes
2011-10-15 07:57 - 2011-10-15 07:57 - 0000000 ____D C:\Program Files\iPod
2011-10-15 07:57 - 2010-07-19 11:13 - 0000000 ____D C:\Program Files\Common Files\Apple
2011-10-15 07:54 - 2011-10-15 07:54 - 0000000 ____D C:\Program Files\Bonjour
2011-10-15 07:54 - 2011-10-15 07:54 - 0000000 ____D C:\Program Files\Apple Software Update
2011-10-14 11:28 - 2010-08-18 10:39 - 0000000 ____D C:\Users\Kenny\AppData\Local\amd
2011-10-14 11:27 - 2011-10-14 11:27 - 0000000 ____D C:\Users\All Users\ATI
2011-10-14 11:27 - 2011-10-14 11:27 - 0000000 ____D C:\Users\All Users\AMD
2011-10-14 11:27 - 2011-10-14 11:27 - 0000000 ____D C:\ProgramData\ATI
2011-10-14 11:27 - 2011-10-14 11:27 - 0000000 ____D C:\ProgramData\AMD
2011-10-14 11:27 - 2010-07-09 08:34 - 0000000 ____D C:\Program Files\ATI Technologies
2011-10-14 09:59 - 2011-02-27 16:28 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\WebApps
2011-10-14 09:59 - 2011-02-27 16:28 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\Prism
2011-10-14 09:59 - 2011-02-27 16:28 - 0000000 ____D C:\Users\Kenny\AppData\Local\Prism
2011-10-13 12:34 - 2011-11-08 12:29 - 0000000 ____D C:\Users\Kenny\Downloads\7.magazine.MU.Bun
2011-10-12 22:58 - 2011-10-12 09:57 - 0006589 ____A C:\Users\Kenny\umbrella0.log
2011-10-12 22:58 - 2010-07-09 11:17 - 0000000 ____D C:\users\Kenny
2011-10-12 22:54 - 2011-10-12 22:54 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\redsn0w
2011-10-12 15:33 - 2011-07-29 18:03 - 0008177 ____A C:\Users\Kenny\Documents\new hiphop.m3u
2011-10-12 09:56 - 2011-10-12 09:56 - 0000000 ____D C:\Users\Kenny\.shsh
2011-10-10 23:30 - 2011-10-10 23:30 - 0000000 __HDC C:\Users\All Users\{3FF56E78-3AAB-4596-A1AC-32869EB9463A}
2011-10-10 23:30 - 2011-10-10 23:30 - 0000000 __HDC C:\ProgramData\{3FF56E78-3AAB-4596-A1AC-32869EB9463A}
2011-10-10 23:30 - 2011-02-27 13:13 - 0000000 ____D C:\Users\Kenny\Documents\Native Instruments
2011-10-10 23:30 - 2011-01-12 13:43 - 0000000 ____D C:\Users\Kenny\AppData\Local\Native Instruments
2011-10-10 23:28 - 2011-10-10 23:28 - 0000000 __HDC C:\Users\All Users\{C78336EC-F2EB-4640-99A4-DFE96581B90B}
2011-10-10 23:28 - 2011-10-10 23:28 - 0000000 __HDC C:\ProgramData\{C78336EC-F2EB-4640-99A4-DFE96581B90B}
2011-10-10 23:28 - 2011-02-26 23:00 - 0000000 ____D C:\Users\All Users\Native Instruments
2011-10-10 23:28 - 2011-02-26 23:00 - 0000000 ____D C:\ProgramData\Native Instruments
2011-10-10 23:28 - 2011-02-26 23:00 - 0000000 ____D C:\Program Files\Native Instruments
2011-10-10 23:28 - 2011-02-26 23:00 - 0000000 ____D C:\Program Files\Common Files\Native Instruments
2011-10-07 15:47 - 2011-10-07 15:47 - 0488208 ____A (COMODO) C:\Windows\System32\Drivers\cmdGuard.sys
2011-10-07 15:47 - 2011-10-07 15:47 - 0300200 ____A (COMODO) C:\Windows\System32\guard32.dll
2011-10-07 15:47 - 2011-10-07 15:47 - 0082400 ____A (COMODO) C:\Windows\System32\Drivers\inspect.sys
2011-10-07 15:47 - 2011-10-07 15:47 - 0039640 ____A (COMODO) C:\Windows\System32\Drivers\cmdhlp.sys
2011-10-07 15:47 - 2011-10-07 15:47 - 0033984 ____A (COMODO) C:\Windows\System32\cmdcsr.dll
2011-10-07 15:47 - 2011-10-07 15:47 - 0019600 ____A (COMODO) C:\Windows\System32\Drivers\cmderd.sys
2011-10-05 06:09 - 2010-07-12 19:45 - 48324552 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2011-10-05 03:43 - 2010-08-09 13:02 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\FileZilla
2011-10-04 19:12 - 2010-07-17 14:43 - 0000132 ____A C:\Users\Kenny\AppData\Roaming\Adobe GIF Format CS5 Prefs
2011-10-04 12:29 - 2010-09-09 15:14 - 0000000 ____D C:\Users\Kenny\AppData\Local\PunkBuster
2011-10-04 12:27 - 2011-10-04 12:27 - 0000000 ____D C:\Users\Kenny\AppData\Local\Steinberg
2011-10-04 12:26 - 2011-10-04 12:26 - 0000000 ____D C:\Program Files\Battlelog Web Plugins
2011-10-04 00:14 - 2010-09-09 15:13 - 0138056 ____A C:\Users\Kenny\AppData\Roaming\PnkBstrK.sys
2011-10-04 00:12 - 2010-09-09 15:12 - 0075136 ____A C:\Windows\System32\PnkBstrA.exe
2011-10-03 23:45 - 2011-10-03 23:45 - 0000000 ____D C:\Program Files\Sonnox
2011-10-03 23:45 - 2011-10-03 23:45 - 0000000 ____D C:\Program Files\Common Files\Sonnox
2011-10-03 23:45 - 2011-07-28 15:14 - 0000000 ____D C:\Program Files\Common Files\Steinberg
2011-10-03 23:45 - 2010-07-30 13:06 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\Steinberg
2011-10-03 23:44 - 2011-10-02 10:29 - 0000045 ____A C:\Windows\System32\SYNSOPOS.exe.cfg
2011-10-03 23:44 - 2011-10-02 10:29 - 0000000 ____D C:\Program Files\eLicenser
2011-10-03 23:44 - 2010-07-30 13:06 - 0000000 ____D C:\Program Files\Steinberg
2011-10-03 23:39 - 2011-10-03 23:37 - 0000000 ____D C:\Program Files\Origin Games
2011-10-02 16:13 - 2011-01-12 17:40 - 0113954 ____A C:\Users\Kenny\Documents\simple drum beat.rns
2011-10-02 16:11 - 2011-02-20 14:17 - 0111366 ____A C:\Users\Kenny\Documents\Dubstep.rns
2011-10-02 15:58 - 2010-07-29 21:59 - 0165950 ____A C:\Users\Kenny\Documents\Oldies_hiphop_DNB.rns
2011-10-02 10:30 - 2011-10-02 10:30 - 0002892 ____A () C:\Windows\System32\audcon.sys
2011-10-02 10:30 - 2011-10-02 10:30 - 0000000 ____D C:\Users\All Users\Syncrosoft
2011-10-02 10:30 - 2011-10-02 10:30 - 0000000 ____D C:\ProgramData\Syncrosoft
2011-10-02 10:30 - 2011-10-02 10:29 - 0000000 ____D C:\Users\All Users\eLicenser
2011-10-02 10:30 - 2011-10-02 10:29 - 0000000 ____D C:\ProgramData\eLicenser
2011-10-02 10:29 - 2011-10-02 10:29 - 0000000 ____D C:\Program Files\Syncrosoft
2011-09-30 09:49 - 2011-01-06 15:29 - 0000000 ____D C:\Users\Kenny\Documents\BFBC2
2011-09-26 00:54 - 2011-09-26 00:54 - 0000000 ____D C:\Users\Kenny\Documents\Square Enix
2011-09-25 23:32 - 2011-09-25 23:32 - 0000000 __HDC C:\Users\All Users\{69B9EA9A-2B6B-4DD3-A8F9-ED88FA739388}
2011-09-25 23:32 - 2011-09-25 23:32 - 0000000 __HDC C:\ProgramData\{69B9EA9A-2B6B-4DD3-A8F9-ED88FA739388}
2011-09-25 12:59 - 2011-09-24 15:13 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\REAPER
2011-09-24 19:13 - 2010-09-12 11:35 - 0000000 ____D C:\Windows\Downloaded Installations
2011-09-24 16:02 - 2011-09-24 15:59 - 0000000 ____D C:\Users\Kenny\Documents\REAPER Media
2011-09-24 15:13 - 2011-09-24 15:12 - 0000000 ____D C:\Program Files\REAPER
2011-09-22 23:35 - 2010-07-09 13:08 - 0000000 ____D C:\Program Files\Common Files\Steam
2011-09-22 15:23 - 2010-07-09 12:27 - 0000132 ____A C:\Users\Kenny\AppData\Roaming\Adobe PNG Format CS5 Prefs
2011-09-20 21:40 - 2011-09-20 21:40 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\uk.co.planetside
2011-09-14 17:41 - 2010-07-30 13:45 - 0000000 ____D C:\Users\Kenny\Documents\Cubase Projects
2011-09-14 13:26 - 2010-08-27 18:46 - 0000000 ____D C:\Program Files\FLV_Extract
2011-09-13 02:30 - 2011-01-09 13:11 - 0000000 ____D C:\Users\Kenny\AppData\Roaming\Rovio
2011-09-13 02:29 - 2011-09-13 02:29 - 0000000 ____D C:\Program Files\Rovio
2011-09-12 13:29 - 2010-07-11 08:12 - 0000000 ____D C:\Users\Kenny\AppData\Local\Google
2011-09-10 18:12 - 2011-09-10 16:14 - 0000000 ____D C:\Program Files\Dead Island
2011-09-08 10:26 - 2011-09-08 10:26 - 8606208 ____A (ATI Technologies Inc.) C:\Windows\System32\Drivers\atikmdag.sys
2011-09-08 09:39 - 2011-09-08 09:39 - 18534912 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atioglxx.dll
2011-09-08 09:34 - 2011-09-08 09:34 - 0732672 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\aticfx32.dll
2011-09-08 09:34 - 2011-09-08 09:34 - 0189856 ____A C:\Windows\System32\atiapfxx.blb
2011-09-08 09:34 - 2011-09-08 09:34 - 0151552 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atiapfxx.exe
2011-09-08 09:30 - 2011-09-08 09:30 - 0466944 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\ATIDEMGX.dll
2011-09-08 09:30 - 2011-09-08 09:30 - 0401408 ____A (AMD) C:\Windows\System32\atieclxx.exe
2011-09-08 09:29 - 2011-09-08 09:29 - 0176128 ____A (AMD) C:\Windows\System32\atiesrxx.exe
2011-09-08 09:28 - 2011-09-08 09:28 - 0356352 ____A (ATI Technologies, Inc.) C:\Windows\System32\atipdlxx.dll
2011-09-08 09:28 - 2011-09-08 09:28 - 0278528 ____A (ATI Technologies, Inc.) C:\Windows\System32\Oemdspif.dll
2011-09-08 09:28 - 2011-09-08 09:28 - 0159744 ____A (AMD) C:\Windows\System32\atitmmxx.dll
2011-09-08 09:28 - 2011-09-08 09:28 - 0043520 ____A (ATI Technologies, Inc.) C:\Windows\System32\ati2edxx.dll
2011-09-08 09:28 - 2011-09-08 09:28 - 0020992 ____A (AMD) C:\Windows\System32\atimuixx.dll
2011-09-08 09:24 - 2011-09-08 09:24 - 4204032 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atidxx32.dll
2011-09-08 09:18 - 2011-09-08 09:18 - 1828864 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumdmv.dll
2011-09-08 09:09 - 2011-09-08 09:09 - 0046080 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticalrt.dll
2011-09-08 09:09 - 2011-09-08 09:09 - 0044032 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticalcl.dll
2011-09-08 09:08 - 2011-09-08 09:08 - 4064768 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumdva.dll
2011-09-08 09:07 - 2011-09-08 09:07 - 1289184 ____A C:\Windows\System32\atiumdva.cap
2011-09-08 09:05 - 2011-09-08 09:05 - 7331840 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticaldd.dll
2011-09-08 09:05 - 2011-09-08 09:05 - 4289024 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumdag.dll
2011-09-08 08:59 - 2010-05-27 08:35 - 0052736 ____A (AMD) C:\Windows\System32\coinst.dll
2011-09-08 08:53 - 2011-09-08 08:53 - 0270336 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atiadlxx.dll
2011-09-08 08:52 - 2011-09-08 08:52 - 0248832 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmpag.sys
2011-09-08 08:52 - 2011-09-08 08:52 - 0032768 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atigktxx.dll
2011-09-08 08:52 - 2011-09-08 08:52 - 0013312 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiglpxx.dll
2011-09-08 08:51 - 2011-09-08 08:51 - 0053248 ____A (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2erec.dll
2011-09-08 08:51 - 2011-09-08 08:51 - 0029184 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiu9pag.dll
2011-09-08 08:51 - 2010-05-27 08:24 - 0031744 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiuxpag.dll
2011-09-08 08:50 - 2011-09-08 08:50 - 0053760 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atimpc32.dll
2011-09-08 08:50 - 2011-09-08 08:50 - 0053760 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdpcom32.dll
2011-09-04 13:03 - 2011-09-04 13:03 - 0000017 ____A C:\Users\Kenny\AppData\Local\resmon.resmoncfg
2011-09-03 01:40 - 2011-09-03 01:40 - 0032081 ____A C:\Users\Kenny\Desktop\Futurama.xspf
2011-08-30 19:05 - 2011-08-30 19:05 - 0178536 ____A (Apple Inc.) C:\Windows\System32\dnssdX.dll
2011-08-30 19:05 - 2011-08-30 19:05 - 0083816 ____A (Apple Inc.) C:\Windows\System32\dns-sd.exe
2011-08-30 19:05 - 2011-08-30 19:05 - 0073064 ____A (Apple Inc.) C:\Windows\System32\dnssd.dll
2011-08-30 19:05 - 2011-08-30 19:05 - 0050536 ____A (Apple Inc.) C:\Windows\System32\jdns_sd.dll
2011-08-28 13:45 - 2011-08-28 13:45 - 0000000 ____D C:\Users\Kenny\Documents\Dust
2011-08-28 13:40 - 2011-08-28 13:39 - 0000000 ____D C:\Users\Kenny\AppData\Local\Ubisoft Game Launcher
2011-08-28 13:15 - 2010-11-12 02:12 - 0000000 ____D C:\Program Files\Ubisoft
2011-08-26 13:39 - 2010-07-14 14:11 - 0000000 ____D C:\Users\Kenny\Documents\ROMS
2011-08-26 06:34 - 2011-08-26 06:34 - 0239869 ____A C:\Windows\System32\atiicdxx.dat
2011-08-26 00:13 - 2011-08-26 00:13 - 0000000 ____D C:\Program Files\VisualBoyAdvance-1.7.2
2011-08-25 10:50 - 2010-07-31 11:01 - 0000000 ____D C:\Users\Kenny\.VirtualBox
2011-08-24 13:32 - 2009-07-13 20:33 - 4986096 ____A C:\Windows\System32\FNTCACHE.DAT
2011-08-24 12:39 - 2010-07-09 08:37 - 0538240 ____A C:\Users\Kenny\AppData\Local\GDIPFONTCACHEV1.DAT
2011-08-24 12:30 - 2011-08-24 12:29 - 0000000 ____D C:\Program Files\HP webOS
2011-08-24 12:28 - 2010-07-31 11:02 - 0000000 ____D C:\Users\Kenny\AppData\Local\Downloaded Installations
2011-08-24 01:07 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\LiveKernelReports
2011-08-24 00:45 - 2011-08-24 00:44 - 0000000 ____D C:\Program Files\Celestia
2011-08-24 00:35 - 2011-08-24 00:35 - 0000000 ____D C:\Users\Kenny\AppData\Local\stellarium

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe
[2010-07-12 19:42] - [2009-10-30 21:45] - 2614272 ____A (Microsoft Corporation) 2626FC9755BE22F805D3CFA0CE3EE727

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 23%
Total physical RAM: 2046.49 MB
Available physical RAM: 1575.11 MB
Total Pagefile: 2046.49 MB
Available Pagefile: 1574.47 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.23 MB

======================= Partitions =========================

1 Drive c: (Windows) (Fixed) (Total:297.99 GB) (Free:31.79 GB) NTFS ==>[OS]
3 Drive f: () (Removable) (Total:7.45 GB) (Free:3.64 GB) NTFS ==>[Boot]
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
5 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[Boot]


Partition ###  Type              Size     Offset
-------------  ----------------  -------  -------
Partition 1    Primary            100 MB  1024 KB
Partition 2    Primary            297 GB   101 MB

Partition 1
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     Y   System Rese  NTFS   Partition    100 MB  Healthy

==========================================================

Last Boot: 2011-11-10 21:46

======================= End Of Log ==========================






I would GREATLY appreciate any help, and I'd be willing to extend some of my services free of charge (web design, web development, graphic design, 3d, motion graphics, audio production) :)
I've had a lot of free time lately as well, so I'll be sticking around the forums, helping out in other forums (more suited for my expertise).

Attached Files

  • Attached File  FRST.txt   62.54KB   1 downloads

Edited by mr roman, 18 November 2011 - 01:46 PM.



#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,758 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:01:34 AM

Posted 18 November 2011 - 01:53 PM

Let's restore the registry to the last time the computer was able to boot.

Download the enclosed file and save it in the USB drive:

Insert the USB drive in the ailing computer.

Now please enter System Recovery Options.

Run FRST as you did before, except that this time around, press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt); please post it in your reply.

If successful, attempt to boot in Normal Mode.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!


#3 mr roman

mr roman
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:CT / Puerto Rico
  • Local time:12:34 AM

Posted 18 November 2011 - 02:17 PM

Aahhh! How did I miss those entries!!

Ran FRST, asked to run it again, ran it again, clicked Fix. Rebooted, same BSoD still.



Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.2.9)
Ran by SYSTEM at 2011-11-18 14:13:24 R:4
Running from F:\Apps

==============================================

C:\Users\All Users\jF01677AgBlK01677 moved successfully.
C:\ProgramData\jF01677AgBlK01677 not found.
DEFAULT hive was successfully copied to System32\config\HiveBackup
DEFAULT hive was successfully restored from registry back up.
SAM hive was successfully copied to System32\config\HiveBackup
SAM hive was successfully restored from registry back up.
SECURITY hive was successfully copied to System32\config\HiveBackup
SECURITY hive was successfully restored from registry back up.
SOFTWARE hive was successfully copied to System32\config\HiveBackup
SOFTWARE hive was successfully restored from registry back up.
SYSTEM hive was successfully copied to System32\config\HiveBackup
SYSTEM hive was successfully restored from registry back up.

==== End of Fixlog ====

#4 JSntgRvr


Posted 18 November 2011 - 02:46 PM

How many hard drives are in the computer?

Download MBRFix from here.

Save and extract its contents to the working computer's desktop. There are three files in the MBRFix folder. From these, only copy the MBRFix.exe to the USB drive's root, not in the apps folder. It should appear as F:\MBRFix

Also download the enclosed file and save it in the USB drive.

Insert the USB drive into the ailing computer.

Now please enter System Recovery Options and run FRST64 as you did before, except that this time around, press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt). It will also create a file labeled MBRDUMP.txt. Copy and Paste the contents of the Fixlog.txt in your next reply, but attach the MBRDUMP.txt as it is a hex file.



#5 mr roman


Posted 18 November 2011 - 03:15 PM

6 hard drives totaling up to about 2TB (it's mostly work related: large audio recordings from artists, raw camera footage for tv, 3d content for video games).

But I only have 1 connected, which is the Windows drive. I placed MBRFix on the root of the flashdrive, as well as the fixlist and FRST.
I ran FRST, here is the log

Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.2.9)
Ran by SYSTEM at 2011-11-18 15:06:53 R:6
Running from F:\

==============================================


==== End of Fixlog ====


It did not create an MBRDUMP file. I even tried to run it from F:\Apps\ and it still didn't create the MBRDUMP.
I was able to run the command
F:\MbrFix /drive 0 savembr F:\MBRDUMP.txt

and it did create the MBRDUMP file.

Note: I should mention that the flashdrive I'm using is a formatted bootable Windows 7 Ultimate installation, and I have a ton of diagnostics/portable apps in an "Apps" folder. Not sure if that has any effect on these programs running, but if needed I can re-format it and only place the required tools.

Edited by mr roman, 18 November 2011 - 03:17 PM.
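
Added example, not part of the original posts and not FRST or MbrFix code: one way to sanity-check a saved MBR sector offline, assuming the MBRDUMP file is the raw 512-byte first sector of the disk. The function names, the sample sector and the known-good hash set are constructed for illustration; the sample's partition layout mirrors the one in the FRST log above.

```python
import hashlib
import struct

SECTOR = 512

def parse_mbr(sector: bytes) -> dict:
    """Split a raw 512-byte MBR into boot code hash, signature and partition slots."""
    if len(sector) != SECTOR:
        raise ValueError(f"expected {SECTOR} bytes, got {len(sector)}")
    parts = []
    for i in range(4):
        entry = sector[446 + 16 * i:462 + 16 * i]
        lba_start, n_sectors = struct.unpack_from("<II", entry, 8)
        if entry[4] == 0:            # partition type 0x00 = unused slot
            continue
        parts.append({"index": i + 1, "status": entry[0], "type": entry[4],
                      "lba_start": lba_start, "sectors": n_sectors})
    return {"signature_ok": sector[510:512] == b"\x55\xaa",
            # Bytes 0..439 are boot code; rewriting them changes this hash.
            "boot_sha256": hashlib.sha256(sector[:440]).hexdigest(),
            "partitions": parts}

def review(mbr: dict, known_good: set) -> list:
    """Return human-readable findings; an empty list means nothing stood out."""
    out = []
    if not mbr["signature_ok"]:
        out.append("missing 0x55AA boot signature")
    if mbr["boot_sha256"] not in known_good:
        out.append("boot code hash not in known-good set")
    active = [p for p in mbr["partitions"] if p["status"] == 0x80]
    if len(active) != 1:
        out.append(f"{len(active)} active partitions (expected 1)")
    if any(p["status"] not in (0x00, 0x80) for p in mbr["partitions"]):
        out.append("invalid status byte in partition table")
    prev_end = 1                     # sector 0 is the MBR itself
    for p in sorted(mbr["partitions"], key=lambda p: p["lba_start"]):
        if p["lba_start"] < prev_end:
            out.append(f"partition {p['index']} overlaps preceding data")
        prev_end = p["lba_start"] + p["sectors"]
    return out

def build_sample(boot_code: bytes) -> bytes:
    """Constructed sector: 100 MB active partition at 1024 KB, 297 GB at 101 MB."""
    # Sample data only; CHS fields are zeroed and the type 0x07 (NTFS) is assumed.
    entries = struct.pack("<B3sB3sII", 0x80, b"\0" * 3, 0x07, b"\0" * 3, 2048, 204800)
    entries += struct.pack("<B3sB3sII", 0x00, b"\0" * 3, 0x07, b"\0" * 3, 206848, 622854144)
    return boot_code.ljust(446, b"\0") + entries.ljust(64, b"\0") + b"\x55\xaa"
```

To use it on a real dump, read the file in binary mode and pass the bytes to `parse_mbr`; the known-good set would hold hashes taken from a clean installation of the same Windows version.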


#6 JSntgRvr


Posted 18 November 2011 - 03:26 PM

Boot to the advanced menu by pressing F8 and "Disable automatic restart on system failure."

Get to the BSOD and post the information of the Stop Message.



#7 mr roman


Posted 18 November 2011 - 03:40 PM

a problem has been detected and windows has been shut down to prevent damage to your computer

if this is the first time youve seen this stop error screen, restart your computer. if this screen appears again, follow these steps:

check for viruses on your computer. remove any newly installed hard drives or hard drive controllers. check your hard drive to make sure it is properly configured and terminated.
Run chkdsk /F to check for hard drive corruption, and then restart your computer

technical information:

*** stop: 0x0000007B (0x80786B58, 0xC000000D, 0x00000000, 0x00000000)


I ran chkdsk /f last night, and sfc /scannow (which didn't do anything).

Edited by mr roman, 18 November 2011 - 03:42 PM.


#8 JSntgRvr


Posted 18 November 2011 - 03:52 PM

It means "Inaccessible Boot Device". Let's try to write the Master Boot Record.

Download the enclosed file and save it in the USB drive overwriting the existing one.

Insert the USB drive into the ailing computer.

Now please enter System Recovery Options and run FRST64 as you did before, except that this time around, press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt). Copy and Paste the contents of the Fixlog.txt in your next reply.

If successful, attempt to boot in Normal Mode.



#9 mr roman


Posted 18 November 2011 - 04:02 PM

Oh my god. You are some sort of magical diagnostics angel sent from the digital gods above! Booted perfect! I am now in safe-mode scanning with MBAM and Hitman Pro.


Wow! Before I got this nasty rootkit, I had an 80gb work hard drive on here that I thought had crashed. It was inaccessible for a few weeks. I tried to recover it using various programs and nothing worked! I was almost about to re-format it, but after connecting my drives back and re-booting, everything is still there!!!! Incredible!!!

Now my iGoogle widgets work too! They haven't been working for months!!! Thank you so much!!



Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.2.9)
Ran by SYSTEM at 2011-11-18 15:56:48 R:7
Running from F:\

==============================================


========= bootrec /FixMbr =========

The operation completed successfully.

========= End of CMD: =========


========= bcdedit /set {default} winpe no =========

The operation completed successfully.

========= End of CMD: =========


=========== Control: ===========

The operation completed successfully.

==== End of Control: ====

==== End of Fixlog ====

Edited by mr roman, 18 November 2011 - 04:25 PM.


#10 JSntgRvr


Posted 18 November 2011 - 05:43 PM

Be careful with Hitman Pro. It is unable to remove infections affecting the master boot record.

Is there anything else I can do for you?



#11 mr roman


Posted 18 November 2011 - 07:16 PM

Thanks! Both came up clean. I did have one problem of my installed MBAM and COMODO not working, but I just simply ran a clean up utility for COMODO and reinstalled both programs. Everything is so flawless now! Thank you very much for your help!

#12 JSntgRvr


Posted 18 November 2011 - 09:07 PM

You are welcome.

Be safe :)



#13 JSntgRvr


Posted 25 November 2011 - 08:35 AM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.





